Analysis
max time kernel: 0s
max time network: 132s
platform: ubuntu-18.04_amd64
resource: ubuntu1804-amd64-20240611-en
resource tags: arch:amd64, arch:i386, image:ubuntu1804-amd64-20240611-en, kernel:4.15.0-213-generic, locale:en-us, os:ubuntu-18.04-amd64, system
submitted: 09-11-2024 20:14
Static task: static1
Behavioral task: behavioral1
Sample: install
Resource: ubuntu1804-amd64-20240611-en
Behavioral task: behavioral2
Sample: install
Resource: debian9-armhf-20240729-en
Behavioral task: behavioral3
Sample: install
Resource: debian9-mipsbe-20240418-en
Behavioral task: behavioral4
Sample: install
Resource: debian9-mipsel-20240611-en
General
Target: install
Size: 7KB
MD5: fdb4fc7cf9d973a86fbd7da129890787
SHA1: 9406feae2ad841562cae396ea66029312fdde4b0
SHA256: 61f018f6bc92f08e568a4ffc6a24d25ab2bc03fdddb307f26557312ea254bc28
SHA512: 37145ba923520f5e930a14c18758c3f501b892697f54ad6a1574c3d957ebf9eff78e043f049e4eafd632ff5b0cc3609102f6b1faaae54cacc68a993308a9c9c5
SSDEEP: 192:NTa9Q+cXDB6sE+5g30FhwdWjedvP+cLEwLhJFK1jL1LaOLWhmR7i:Y41ZE+5g30FhwdgeRmcEg+3kiWm7i
Malware Config
Signatures
Checks CPU configuration (1 TTPs, 1 IoCs)
Checks CPU information, which can indicate whether the system is a virtual machine.
Processes: cat
description: File opened for reading
ioc: /proc/cpuinfo
process: cat
Processes
/tmp/install, command line: /tmp/install, PID:1478
/usr/local/sbin/bash, command line: bash /tmp/install, PID:1478
/usr/local/bin/bash, command line: bash /tmp/install, PID:1478
/usr/sbin/bash, command line: bash /tmp/install, PID:1478
/usr/bin/bash, command line: bash /tmp/install, PID:1478
/sbin/bash, command line: bash /tmp/install, PID:1478
/bin/bash, command line: bash /tmp/install, PID:1478
  /bin/uname, command line: uname -ms, PID:1479
  /bin/grep, command line: grep avx2, PID:1482
  /bin/cat, command line: cat /proc/cpuinfo, PID:1481 (Checks CPU configuration)